Under current Swiss data protection law, Swiss companies may appoint a data protection officer to independently monitor the processing of personal data and maintain an inventory of data files containing personal data. Such appointment relieves companies of the obligation to register their data files with the Federal Data Protection and Information Commissioner.
The data protection officer can be an employee of the company or an external third party. Upon request, we can assume the role of external data protection officer (also ad interim) based on the applicable Swiss data protection law. As soon as the revised Swiss Data Protection Act comes into force, we will adapt our service accordingly.
We also assume the role of external data protection officer in the EU. Please contact us for more information.
What are the advantages of appointing us as your external data protection officer?
- have extensive experience in the function of global and Swiss data protection officer
- carry out our duties independently and without conflicts of interest
- provide specialist knowledge in data privacy and are up to date with the latest developments in data protection worldwide and in particular at Swiss and European level
- offer a flexible service package according to your specific needs
- ensure compliance with Swiss and European data protection laws
- have a competent and experienced partner who effectively supports you in your compliance efforts
- obtain expert knowledge and know-how without having to build up expertise in-house
- free up internal resources
- are exempt from the obligation to register your data files with the Federal Data Protection and Information Commissioner
Monitoring the processing of personal data
We monitor the processing of personal data through regular privacy compliance and impact assessments, identify privacy gaps and risks, and recommend and monitor the implementation of remedial measures.
Maintaining a list of data files
We maintain a list of data files containing personal data. This task includes
- the design and establishment of procedures and processes
- the training of the organizations that maintain such data files
- updating the inventory, which is made available, on request, to the Federal Data Protection and Information Commissioner and data subjects; and
- conducting regular reviews
Based on your needs, we offer additional services that may include the following:
- Development and implementation of data privacy management practices, policies, procedures, and processes
- Legal advice in day-to-day privacy-related matters
- Development and review of templates and tools
- Risk management
- Handling of data privacy incidents, access requests, and complaints
- Developing and delivering awareness and training programs to the organization